Good thought. Per-node CO2 estimates from CPU/RAM specs alone would stack too many unknowns to be honest, we don’t have utilization data, datacenter PUE, or whether the provider uses renewable energy. Country-level grid carbon intensity is the part that’s actually tractable, open datasets like Ember cover it for most countries at the same tier as the World Bank / Freedom House data we already use. Worth looking into, will think about it, thanks!
2 Likes
2 Likes
Update #8
Grid energy
Each node detail card now shows the country’s electricity grid CO₂ intensity (g/kWh), colored by band with a 5-year trend arrow. The expanded panel shows where the country sits between cleanest grids (~30 g/kWh) and dirtiest (~900+), the world average (458.5, 2025), and a freshness flag (fresh / recent / aged / stale). 141 of 145 countries covered from Ember Yearly Electricity Data under CC-BY-4.0. No per-node CO₂ estimates: translating country grid into “your node emits X kg/year” needs utilization, PUE, and hardware data we don’t have, and stacking those unknowns into one number is false precision. The panel shows only what’s verifiable and explicitly says what we don’t compute, in 9 languages.
Provider renewable tier
Sitting next to country grid intensity, the node’s hosting provider gets a six-tier classification: PPA with named project (1), on-site generation (2), matched RECs / Guarantees of Origin (3), unbundled RECs (4), self-declared (5), no public disclosure (6). All 25 providers in the dataset were researched by hand: fetch the official sustainability page, extract exact quotes, capture source URL and verified_at. Where direct fetch failed (Akamai blocks scrapers, HostHatch is SPA-only) the verification method is flagged explicitly and the entry carries a confidence level. 11 providers have per-DC tier overrides because reality is heterogeneous - Hetzner’s DE/FI datacenters are Tier 3 but Hetzner Cloud’s US/SG colocations are Tier 6. The strongest find this round was OVHcloud’s FY25 KPIs PDF, audited by APAVE to ISO/IEC 30134-3 across all 9 owned datacenters showing 100% Renewable Energy Factor - the only provider in the dataset with explicit third-party audit.
Performance
/api/nodes is now gzip-compressed and slim: 221 KB → 40 KB, load time 990 ms → 460 ms. /api/check was hitting 40 seconds because 3 of 4 multi-vantage probe agents had gone offline and every port check waited 6 s × 3 dead agents. A circuit breaker now drops agents after three consecutive failures with 60-second re-probe; /api/check lands at 6-11 s on first hit, ~6.5 s after.
Thanks
This whole Grid energy line started from a comment under Update #7 by @jakea suggesting an environmental impact score. The original proposal (per-node CO₂ from CPU/RAM/bandwidth) was too speculative to do honestly, but the underlying observation was right and the verifiable layers are now in. Thanks jakea. If anyone else has a feature suggestion, drop a comment. Insights, Plan wizard, Multi-vantage, IPv6 Setup Guide, Operator profiles, and now Grid energy all started from operator feedback.
2 Likes
@unclelem I love how this implementation turned out. Thank you for considering the idea!
3 Likes
Update #9
Official Nym probe
Each gateway detail card now shows Nym’s own functional probe, pulled live from the production node-status API that backs Harbour Master. The other checks look at a node from the outside (ports reachable, version, IPv6, exit policy); this one runs traffic THROUGH the gateway the way a real client does: entry routing, exit routing (external IPv4/IPv6), WireGuard handshake (v4/v6), dVPN/Lewes registration, and SOCKS5 HTTPS with latency. The panel carries a freshness badge (green under 6h, amber under 48h, grey older), the node’s performance score, a source link, and a stale warning when the node hasn’t been re-tested recently. It deliberately drops routing_score and config_score: both are 0 for every node in the network right now (deprecated upstream) and would falsely paint every gateway as broken, so we lean on performance plus the boolean dimensions, which are real. Gateways only - a mixnode just forwards sphinx packets, there’s no entry/exit/WG to test, so the section doesn’t render for one rather than invent a number. Getting here meant finding the right source: the staging probe API was serving a snapshot frozen ~9 days (its runner was out of bandwidth credentials), which we verified and reported back; the checker reads the production host, where probes are minutes-fresh. 9 languages.
Two views, cross-checked
Our multi-vantage probe and Nym’s probe hit a node from opposite directions - we knock on ports from several outside vantage points, Nym routes real traffic through the node itself - so the panel flags where they disagree. The useful case: our vantages see ports as closed while Nym routes traffic fine, which usually means the host whitelists Nym’s probe IPs while blocking everyone else. Not something one viewpoint catches alone.
Provider seizure advisory
When a node’s hosting provider has a known critical event, the detail card now leads with a red banner. First one live: WorkTitans B.V. (AS209847, a Dutch front-company for sanctioned Stark Industries / PQ-Hosting / the.hosting). On 2026-05-18 the Dutch FIOD seized ~800 servers and arrested two operators in raids across Enschede, Almere, Dronten and Schiphol-Rijk; infrastructure in the affected locations (US/DE/NL/AT) is gone, not recoverable. Any node on that ASN now gets the warning at the top of its card with the aliases, the issue date, a migrate-now prompt, a 30-day deadline note, and a link to the source (Krebs on Security, not our own docs). The same advisory also floors that provider’s deploy-recommendation score, so it stops being suggested anywhere. Triggered by ASN, 9 languages.
Thanks
Thanks to the Nym team for exposing the functional probe data - this just surfaces their work where an operator can act on it. As always, if you have a feature suggestion, drop a comment. Insights, Plan wizard, Multi-vantage, IPv6 Setup Guide, Operator profiles, Grid energy, the provider advisory, and now the Official probe all came from operator feedback or real incidents.